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Wireless Network Infrastructure 

TECHNICAL FIELD 

This invention generally relates to wireless communication systems and, more 
particularly, to a business model for expanding a wireless network architecture. 

5 

BACKGROUND 

Wireless Internet sendees are available today, utilizing, for example, standard 
wireless protocols such as Cellular Digital Packet Data, also known as "wireless Internet 

Q 

« Protocol" (wireless IP). (See CPDP System Specification and Implementation Guidelines, 

yj 

\0 

fpjo Release 1.1, Wireless Data Forum, Washington, D.C.) CDPD can be implemented in 

SA 

u American Mobile Phone Systems (AMPS) cellular networks, and thus a wireless Internet 

m 

fU service based thereon could become widely available, but the service is slow (given a data 
5 transmission rate of 19.2 kbps) and expensive (approximately $1.40 per megabyte of data 

iz 5 

lr transmitted). (The AMPS is a frequency division multiple access (FDMA) analog cellular 
rT 15 system developed by AT&T Bell Labs in the 1970s). 

Additionally, wireless local area networks (WLANs), for example, those based on 
the IEEE 802.11 standard, are emerging. (For further information regarding the IEEE 
802.11 standard, refer to IEEE 802.11, 1999 Edition (ISO/IEC 8802-11: 1999) IEEE 
Standards for Information Technology - Telecommunications and Information Exchange 
in between Systems - Local and Metropolitan Area Network - Specific Requirements - Part 
11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) 
Specifications^ IEEE 802.1 la-1999: 8802-1 1:1999/ Amd 1: 2000(E)) t IEEE Standard for 
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Information technology — Telecommunications and information exchange between 
systems — Local and metropolitan area networks — Specific requirements — Part 11: 
Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) > 
specifications — Amendment 1: High-speed Physical Layer in the 5 GHz hand; and IEEE 
802.1 lb-1999: Supplement to 802.1 1-1 999,Wireless LAN MAC and PHY specifications: 
Higher speed Physical Layer (PHY) extension in the 2.4 GHz band.) 

Increasingly popular 802.11b WLANs currently offer ~6 Mbps (11 Mbps 
instantaneous peak) data transmission rates over a range of -100 meters and soon will 
increase to -30 Mbps. Besides the relatively high speeds achieved by IEEE 802.1 1 based 
WLANs, such WLANs generally have no service fees. However, because of this, there is 
no incentive for operators to install IEEE 802.1 1 networks for public use. Thus coverage is 
limited to private networks. 

In summary, the wireless Internet service available today is an expensive, 
fragmented service with limited coverage. To obtain reasonable data transmission rates and 
service coverage, one could maintain a CDPD subscriber account, and carry a CDPD 
PCMCIA modem card, and an 802.1 1 WLAN PCMCIA card. A home or office computer 
would utilize the 802.1 1 WLAN PCMCIA card, and the CPDP PCMCIA card for general 
use outside the home or office. 

Network operators have not embraced development of a wireless infrastructure 
because of the perceived need to acquire sufficient licensed radio frequency spectrum to 
build out a nation-wide network, a costly undertaking. With the uncertainties raised by the 
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introduction of other technologies such as GPRS/EDGE and CDMA-2000, and the recent 
history of the wireless market, these operators are proceeding slowly and cautiously. 

What is needed is a business model, network architecture and protocols that 
facilitate development and operation of a wireless infrastructure to provide ubiquitous 
wireless Internet access. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention is illustrated by way of example, and not necessarily by way 
of limitation in the figures of the accompanying drawings in which like reference numerals 
refer to similar elements. 

Fig. 1 illustrates an embodiment of the invention. 

PE T A M ,ED DESCRIPTION 

Reference throughout this specification to "one embodiment" or u an embodiment" 
means that a particular feature, structure or characteristic described in connection with the 
embodiment is included in at least one embodiment of the present invention. Thus, 
appearances of the phrases "in one embodiment" or "in an embodiment" in various places 
throughout this specification are not necessarily all referring to the same embodiment. 
Furthermore, the particular features, structures or characteristics may be combined in any 
suitable manner in one or more embodiments. 

A business model, network architecture and software are described for 
implementing and operating a world-wide wireless internetwork infrastructure. The 
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infrastructure includes a distributed wireless packet data network based on wireless local 
area networking (WLAN) technology and utilizing high speed (e.g., 1-11 megabits per 
second data rates), low cost wireless data terminal equipment (e.g., less than $100). 
However, it is appreciated that wireless technology and data terminal equipment are not 
5 sufficient incentives, on their own, to build a wireless network - also needed are the 
economic incentives to invest in building a comprehensive network necessary to support a 
wide variety of wireless network services. 

The invention described herein aligns the interests of wireless base station 

Q 

sQ operators, Internet service providers (ISPs), and content providers, and provides a means 

£H io by which money flows from end users to content providers and then back to the ISPs and 

Si 

;„.. wireless base-station operators, thus providing an incentive to expand the wireless network 

tn 

infrastructure. In this manner, it is expected that, for example, thousands of entities 

O 

yQ become independent wireless base station operators. It is contemplated that some entities, 

fU 

H such as individuals, will become base station operators for a cut of the subscriber revenue 

□ 

M is stream. Other entities, such as hotels and restaurants, will do so because their regular 
customers see wireless Internet coverage as a value added service. Still others will set up 
and operate base stations in their homes and offices simply for personal use. As a side 
effect of ail of these interests, a wireless network infrastructure will expand to cover areas 
in which end users want to, and can, use their UTs. 
20 The invention provides an environment for content providers to develop wireless 

services for end users while returning a fraction of the content providers revenues, for 
example, to the network, for distribution back to the Internet Service Providers (ISPs), 
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and/or the radio base-station operators. It is contemplated that every entity is capable of 
being independent of the others, from the wireless radio base-station operators, the ISPs, to 
the content providers. 

Figure 1 illustrates one embodiment of the invention 100, in which independent 
radio base-station operators build ubiquitous wireless Internet coverage based on monetary 
incentives. Prior art approaches to providing such coverage suffer from scaling problems 
that limit the rate of growth and adoption - it is a huge task for a single or small number of 
entities to build and operate a complete network, market user terminals, bill subscribers, 
acquire radio frequency spectrum, etc. The invention differs from such other models, e.g., 
Metricom's now defunct Ricochet wireless Internet approach, mainly by distributing 
responsibility for base-station acquisition, siting, and operation to independent base-station 
operators in exchange for some portion of end user or subscriber revenues. 

A user terminal (UT) 105 communicates with a server, for example, a server 130 
connected to the Internet 120 and operated by a content service provider, such as 
Amazon.com. The term user terminal, as used herein, refers to a user device or user 
equipment. Additionally, a user is a device or application attached to or coupled with the 
UT, and an end user or subscriber is a person or entity owning or using the user/UT. The 
subscriber periodically pays for Internet based services, such as Voice over Internet 
Protocol (Voice over IP, or VoIP) phone calls, book purchases, stock quotes, etc., as 
represented by arc 150 in Fig. 1. A portion of these payments are distributed by the 
network infrastructure to the providers of the various network data carrying services 
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actually used (denoted by arcs 151 and 152), including the operator of a wireless base 
station (denoted by arc 153). 

The UT may be any electronic device having wireless radio frequency 
communication capabilities, or coupled to or with a device having radio frequency 
communication capabilities, such as a wireless modem. Additionally, software, such as 
driver software, may be resident in the UT so the UT can operate in a network in 
accordance with the present invention. 

For example, the UT may be a desktop or laptop computer, a personal digital 
assistant (PDA), cellular telephone, two-way pager, or the like. In one embodiment, UT 
1 05 contains a radio that transmits and receives Internet Protocol (IP) datagrams or packets 
to and from the Internet 120. The radio can be a PCMCIA card-based wireless modem. The 
UT communicates with server 130 via a wireless radio frequency link 107. 

A wireless access point 1 10, or simply, access point 1 10, is a wireless base-station 
that collects packets from and distributes packets to user terminals in its wireless coverage 
area. The access point typically is coupled via a link 112 to ISP 115, which in turn, 
connects to the Internet 120 via link 1 17. Ideally link 1 12 is fast and inexpensive (e.g. cable 
modem, xDSL line, wireless point-to-multipoint, etc.) but it could also be a simple dial-up 
connection, depending on the base station hardware and software, base station location, and 
amount of traffic transmitted via the base station. A person or business may be the owner 
and/or operator of one or more such access points. 

The access point 110 can be an IEEE 802.11 base station, capable of 
communicating with user terminals via the radio frequency link 107 using a wireless 
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protocol such as IEEE 802.1 1. While Fig. 1 illustrates a single UT and a single access point 
or wireless radio base station, it is appreciated that many base stations and many more UTs 
are utilized, indeed, desired, to support, for example, a nationwide wireless network 
infrastructure. 

In one embodiment, the access point, in addition to providing wireless service 
coverage for UTs in its service area, collects billing information, for example, based on 
data traffic processed by the access point. The access point collects traffic data, that is, 
statistical data about the data traffic, necessary for billing. The access point operator 
receives payments, as represented by arc 153, for providing wireless Internet services. The 
payments can be calculated, at least in part, based on the billing information collected by 
the access point. The access point furthermore may collect billing information on a per UT 
basis, so that depending on the type of subscriber account associated with the user of the 
user terminal, the subscriber can be billed, that is, an accounting for services is posted to 
the subscriber account, and the access point can receive a portion of a payment by the 
subscriber for the bill, based on the posting. For example, for flat rate service (e.g., a 
subscriber pays $20/month), the access point need only count bytes, or number of packets, 
of traffic carried, while for measured rate service (e.g., a subscriber pays $15/month plus 
$0.10 per megabyte (MB) over 50 MB per month and $0.05 per MB over 200 MB per 
month), a byte count per UT (as identified, for example, by the UT's MAC address) is 
maintained. Alternatively, service could be measured in terms of connect time, for 
example, per-minutes or per-day connect-time. Connect time may be the amount of time 
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the user terminal is associated with a WAP, or the amount of time the user maintains a 
session with a server via a connection to the server established via the WAP. 

The access point includes software that routes IP packets, collects billing 
information, and cooperates with the other network entities to deliver network services. 
Alternatively, such software may reside in the ISP 115. Given the ISP's possible hardware 
platforms likely are more varied than the access point's possible hardware platforms, it 
may be, from a developer's perspective, better to develop router software for access points 
rather than ISP hardware platforms. Ultimately, it is contemplated that this software will be 
capable of being executed on many access point platforms. However, initially it is 
contemplated to run on a Microsoft Windows98/Windows2000/WindowsNT PC with a 
wireless LAN base station coupled thereto. 

The router software performs many functions, including requesting authentication 
of WLAN MAC addresses as new user terminals request admission to the network; 
keeping track of local, private user terminals which may be allowed to use the network free 
of charge; filtering unauthorized traffic; providing fire-wall services so that public user 
terminals cannot send and receive packets to machines on a private LAN; coordinating 
hand-over of a roaming user terminal with other access points; tunneling (encapsulating) 
traffic to other access points after a roaming user terminal subscribing to full or partial 
mobility service has moved on to another access point; unwrapping (decapsulating) traffic 
tunneled to the user terminal's present access point from the user terminal's original access 
point; and collecting billing traffic summary statistics (for example, by user terminal) and 
storing them for upload to the billing entity. 
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In one embodiment of the invention, access point concentration is provided by a 
conventional wired Internet Service Provider (ISP) 115. That is, multiple access points 
access the Internet via the same ISP. In particular, each access point 115 is connected to 
the Internet 120, usually by the back-haul services provided by the ISP. The ISP usually 
has a high-speed trunk connection 1 17 to the Internet 120. The high-speed trunk is often a 
Tl , T3, or ATM connection. 

Responsibility for customer billing and marketing may or may not be distributed 
among Internet-based content and service providers, many of whom provide specialized 
services witmspecialized terminal equipment (e.g., a VoIP phone). To the extent billing is 
distributed between various service providers, the revenue/value chain is more 
complicated, bui in any case, investment is further distributed and the potential for wireless 
network infrastructure growth is expanded in accordance with the present invention. 

An authenticator 125 is connected to the Internet 120 and provides authentication 
services to access points and user terminals. The authenticator 125 charges a fee to content 
service providers, such as the content service provider operating server 130, for allowing 
subscribers access to the network 100. The fee provided the authenticator, represented by 
arc 151, is some portion of subscriber payments to content service provider 130 for 
providing, among other things, authentication services for the content service provider and 
the provider's subscribers. Router software, whether executing on the hardware platform 
of the access point or ISP, queries the authenticator as to whether to provide packet 
delivery services for a given user. The authenticator, using encryption software, 
communicates with a user terminal, in particular, software such as driver software, on the 
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user terminal, to authenticate the user. In one embodiment, the authenticator also queries 
the content service provider to verify the subscriber has adequate credit standing to gain 
access to the network. 

Upon receiving a response from the authenticator, router software decides whether 
to continue to provide packet routing and delivery services for a particular user terminal. If 
authentication fails, then service for the user terminal is unavailable. In one embodiment, 
the authenticator also provides a code to the router software for use in generating encrypted 
billing information for that user terminal. The authenticator collects traffic data statements 
from router software, via the ISP back haul line 117, and stores the statements for use in 
calculating usage-based payments back to ISPs and access point operators, respectively 
represented in Fig. 1 by arcs 152 and 153. In one embodiment, if the authenticator and 
billing entity functionality is distributed among different platforms and/or service 
providers, the authenticator further uploads the collected billing traffic statistics to the 
billing entity hardware/service provider. In one embodiment, communication between the 
access point and the authenticator is encrypted to prohibit impersonation of the 
authenticator and/or access point. 

The content service provider operating, for example, server 130, provides Internet 
content for which a subscriber is willing to pay money, for example, a subscription fee. In 
the case of a subscription fee based service, the content service provider collects periodic 
payments from subscribers and pays the network access bills generated by the 
authenticator. The authenticator then distributes some portion of these revenues, referred to 
herein as a rebate, back to ISPs and/or access point operators based on the services they 
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provided (e.g., number of bytes transmitted). In some content service provider models, no 
value-added content is served - the subscriber simply gets an Internet connection in a fee- 
for-bytes or flat-rate arrangement similar to a conventional, wired ISP. 

The rebates can be tiered based on how much an operator pays for a base-station. 
Subsidized base-stations might carry a smaller rebate than ones sold without subsidy. In 
fact, overpayment for base-stations is possible to provide a means for an operator to invest 
in the billing entity service provider. 

Although not shown in Fig. 1, a Home Location Register (HLR) may optionally be 
utilized in the network 100. The HLR comprises an Internet resident database of user 
terminal locations. Router software or driver software updates records in the HLR as 
mobile user terminals move about from WLAN to WLAN, that is, from one access point to 
another access point, or from one ISP to another ISP. In one embodiment of the invention, 
the content service provider may provide the HLR. 

In conjunction with the optional HLR, an optional mobility service is available to a 
user terminal. The service provides a fixed IP address for a mobile user terminal. A 
mobility service provider can keep track of the whereabouts of a user terminal, with 
reference to the HLR. The actual implementation of mobility services depends on the 
underlying service. Mobility services provided by a single server can simply follow the 
user terminal around as the IP address assigned to the user terminal changes. 


An important underlying^principle of the wireless network architecture and business 


jnodel contemplated by thepresent invention is that all entities participating in the set up 
and operation of the n/twork should have something to gain from expanding and 
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improving the network and its services. For example, content service providers such as 
Amazcwi, Yahoo, Net2Phone, etc., get customers that the content providers can target with 
merchandise, wireless devices, and services of all kinds. A music company can sell songs 
for a /wireless MP3 portable music database/player. An Internet VoIP phone company can 
sell voice communications services. An online bookstore can sell books that a subscriber 
do w: Loads and reads on a portable electronic device. Online magazines can sell access to 
their services. A medical monitoring company can sell real-time analysis of heart rhythms, 
possibly detecting a heart attack before it happens. The potential applications are 
nurrjerous. 

Ubiquitous, high-speed, wireless Internet service opens new opportunities for 
providing content and services. The application content service providers increase revenue 
from a growing user base. Users subscribe because of all the available content. 
Furthermore, the application content service providers market wireless devices and services 
that build the user base fueling demand for the network. 

Subscribers get access to a wide range of goods and services made possible by high 
speed, ubiquitous wireless Internet service coverage. A subscriber gets "tetherless Internet 
access" near any access point. The number of installed access points increases until 
wireless Internet service coverage becomes ubiquitous. As WLAN technologies improve, 
data rates increase. However, the subscriber need not wait for a full network deployment to 
perceive significant value. The subscriber can purchase a personal access point and have 
tetherless Internet access in their home or office, which is the key to getting the wireless 
network infrastructure in place. 
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As mentioned above, Internet Service Providers (ISPs) provide back-haul services 
from wireless access points to the Internet. A rebate scheme is structured such that the ISPs 
are paid for the data traffic that they transport between the Internet and access points, 
however calculated. Thus, it is in the interest of ISPs to encourage the installation of more 
and more access points providing coverage and increasing wireless Internet usage. 

In one embodiment, ISPs also provide fixed IP addresses and mobility management 
services for users who wish to maintain a continuous Internet connection while roaming 
between WLANs. For services that require these continuous connections, (e.g., VoIP 
services) content service providers may contract with ISPs to provide fixed virtual 
connections to mobile users. This fixed IP address and mobility management service 
performs the same function as an HLR in a cellular telephone network, which are well 
known in the art, and thus not discussed further herein. 

It is contemplated that some access point operators will install base stations just to 
get wireless Internet service coverage where needed for their own use as subscribers. A 
typical example of this scenario would be a home user who buys an access point to get 
coverage in their home. Back-haul services would be provided through a cable modem, 
xDSL line, or even dial-up modem. Depending on the range of the WLAN technology 
embodied in the base station, the home user might incidentally be providing service to their 
neighbors, for example, in apartment buildings. Another example is businesses that install 
base stations to provide tetherless Internet access within their facility. Security features in 
the access point router software would provide different routing services for company 
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employees versus "foreign" users. For example, employees may be allowed to mount 
directories on a local file server, but foreign users would not see any local servers. 

However important these incidental access point operators are to providing 
ubiquitous wireless Internet service coverage, the rebate scheme is structured to ensure an 
incentive to become an access point operator. Airports, hotels, coffee shops, libraries, 
bookstores, shopping malls, etc., will install access points for the revenue generated by 
rebate payments. This financial feedback is what drives operators to provide service at 
locations desired by users and to split wireless service areas to provide adequate capacity. 

Eventually, it is envisioned that the subscriber base might be large enough that 
establishments such as coffee shops, bookstores, and hotels provide coverage on their 
premises as a service to their customers simply to maintain competitiveness in drawing 
customers. 

The clearest incentive is to the authenticator/billing entity, which is the primary 
collector of the subscriber generated revenue stream, with a portion of this revenue 
provided to access point operators and ISPs as a rebate. The authenticator, or authentication 
service provider, maintains the keys to access network 100. No user terminal can access a 
foreign WLAN without permission from the authenticator. The authenticator also collects 
billing information (for example, VoIP telephone call detail records) from the ISPs for each 
user terminal session. This billing data is provided to content service providers for use in 
billing the user. The content service provider pays the authenticator to keep subscribers in 
the authenticated database, thereby ensuring continued access to the network 100. 
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Manufacturers are presented with the opportunity to sell base stations and user 
terminals. Access points are not sold to a small group of large operators - instead, access 
points are high volume consumer electronics devices. Likewise, user terminals need not be 
tied to specific service providers. They can be sold directly to consumers and retailers. 

Any number of content service providers can utilize network 100 and the business 
model described above to provide applications to subscribers. A brief description of some 
possible content services follows. 

The simplest service is a general Internet Protocol (IP) packet delivery service. The 
UT in this case may be a WLAN card in a laptop PC. The services provided to the 
subscriber include various Internet application protocols, including HTTP (world wide web 
browsing), telnet, FTP, etc. The content service provider has no infrastructure other than 
billing, takes call detail information from the Authenticator, debits the subscriber's billing 
account, and sends an account statement, for example, via electronic mail, to the 
subscriber. The bulk of the subscription fee is transferred (as designated by arc 151 in Fig. 
1) to the authenticator and then distributed to the ISPs (arc 152) and access point operators 
(arc 1 53). A typical subscription fee schedule might be: 

0 to 20 MB/month @ $19.99/month, plus $1/MB for > 20 MB/month 

Of this, for example, 80 percent is transferred to the authenticator, and then 80 
percent of that is transferred to the ISPs. 
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ity cellular telephone service, similar to Personal Handyphone System 


(PHS) in Japan, can be readily provided by VoIP enabled WLAN user terminals that have 


the appearance of 


cell phones. These user terminals cooperate with application software 


v resident either at their home ISP or at the content service provider's servers. This software 

coordinates the delivery of compressed voice packets between the user's terminal and a 
public switched telephone network (PSTN) gateway 135 nearest the termination point of 
the phone call. The authenticator charges the content service provider per MB of voice 
traffic sent from anjd received by the user's user terminal (i.e., phone). The content service 
provider bills the user, for example, based on this usage data or, for example, based on 
fff more detailed infoijmation about call sources and destinations. 

M An additional application contemplated by the invention is an electronic book 

• - service that comes with an electronic book reader device with storage for several books and 
^ a display. Using the book reader device, a subscriber can visit an electronic book reader 
ffl service web site, browse book content, select for purchase and purchase book content, and 
download book content for reading when out of wireless range (e.g. on an airplane, in a 
car) or even have a printed copy delivered to your house. The book reader service provider 
and the original author are secure in the knowledge that the downloaded book cannot be 
copied and further distributed without physically breaching the electronic book device. 

An MP3 service would operate in a manner very similar to the electronic book 
20 service, but the information content is music rather than prose. The user terminal would 
have real-time access to the libraries of music content. Control of the physical user terminal 
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device and protocols allows the content service provider to be secure in the knowledge that 
the music downloaded will not be illegally redistributed. 

One example of an implementation of an embodiment of the invention follows. A 
subscriber accesses an online bank via a user terminal, UT1, and purchases credit for 1000 
units of Internet access for some amount of money, say $10. The units may represent any 
measure of Internet access, for example, bandwidth, time, quality of service, or some 
combination thereof. The online bank mints a certificate, Nl, for the subscriber by 
generating a 512 bit random number, storing it in the subscriber's database record at the 
online bank along with an identifier for UT1, UT1_ID, and the number of units purchased, 
in this example, 1000 units. (The random number that is the certificate is a representation 
of the units purchased by the subscriber.) The random number is then encrypted and sent 
to the subscriber. 

At some point the subscriber then accesses the Internet. An access point, API, 
receives a page from the UT1, and as part of the process of setting up a session, queries the 
subscriber for a deposit against future data traffic with UT1. The subscriber responds by 
sending the certificate to the online bank with a request that some number of units, say 2 
units, be reallocated to API. 

The online bank receives the certificate Nl from the request and verifies that UT1 
indeed owns 1000 units, mints a new certificate, N2, representing 998 units for UT1, and 
another certificate, N3, representing 2 units for API, and provides the certificates to UT1 
and API, according to the same process as described above. After both UT1 and API 
acknowledge receiving their change (998 units) and payment (2 units), respectively, 
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certificate Nl is removed from the subscriber's database, and certificate N2 is added in its 
place. The certificate N3 is added to the access point's database record maintained at the 
online bank as well. Alternatively, the certificate N3 is not needed; 2 credits are simply 
added to API's account balance at the online bank. At the end of a billing cycle, e.g., the 
end of the month, access points receive a check for their credit balance. 

Although the invention has been described in the detailed description as well as in 
the Abstract in language specific to structural features and/or methodological steps, it is to 
be understood that the invention defined in the appended claims is not necessarily limited 
to the specific features or steps described. Rather, the specific features and steps are 
merely disclosed as exemplary forms of implementing the claimed invention. It will, 
however, be evident that various modifications and changes may be made thereto without 
departing from the broader spirit and scope of the present invention. The present 
specification and figures are accordingly to be regarded as illustrative rather than 
restrictive. The description and abstract are not intended to be exhaustive or to limit the 
present invention to the precise forms disclosed. 

The terms used in the following claims should not be construed to limit the 
invention to the specific embodiments disclosed in the specification. Rather, the scope of 
the invention is to be determined entirely by the following claims, which are to be 
construed in accordance with the established doctrines of claim interpretation. 

In accordance with the teachings above, we claim the following: 
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